Public facing oxTrust deployments are discouraged. Our advice is to build a multi-step authentication workflow to accomplish registration. You can do this with an openid parameter like `acr_values=register` or something like that. Then present and process your registration pages with a Person Authn script. This is more secure then opening public web access to oxTrust, where a hacker could try to escalate privileges.